
Cisco Warns of Critical FMC Software Vulnerability

Unauthorized access to Cisco's FMC software puts your network at risk. Patch now and consider alternative authentication methods.



Cisco has identified a critical flaw in its Secure Firewall Management Center (FMC) Software. The vulnerability, cataloged as CVE-2025-20265, affects both physical and virtual appliances running Cisco Secure FMC Software versions 7.0.7 and 7.7.0 with RADIUS authentication enabled. It permits unauthenticated attackers to inject and execute arbitrary shell commands.

The flaw resides in the RADIUS subsystem's improper input handling during authentication. An attacker can exploit it by sending crafted credentials to the configured RADIUS server, gaining unauthenticated remote access. Cisco's Product Security Incident Response Team (PSIRT) is currently unaware of any attacks exploiting this flaw in the wild.

Cisco has released patches that fix this issue. There is no workaround, so until patching, users are advised to switch to local, LDAP, or SAML SSO authentication as a mitigation. ASA and FTD software are not affected by this vulnerability.
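The following script is an added example, not Cisco's code or anything from the article: it triages a constructed FMC inventory against the two conditions the advisory states (affected version and RADIUS authentication enabled) and maps each appliance to the advisory's action. The inventory records and their field names (`host`, `version`, `auth_method`) are assumptions of this script; the "patch-required" state for affected versions without RADIUS is a conservative policy choice, not a claim from the advisory.

```python
# Added example (not Cisco's or the article's code): triage an FMC
# inventory against the advisory's affected versions and its stated
# mitigation. Inventory records are constructed; the field names
# "host", "version" and "auth_method" are assumptions of this script.

AFFECTED_VERSIONS = {"7.0.7", "7.7.0"}        # versions named in the advisory
MITIGATING_AUTH = {"local", "ldap", "saml"}   # alternatives the advisory recommends

# Constructed sample inventory (not real hosts).
INVENTORY = [
    {"host": "fmc-dc1.example.test", "version": "7.7.0", "auth_method": "RADIUS"},
    {"host": "fmc-dc2.example.test", "version": "7.0.7", "auth_method": "LDAP"},
    {"host": "fmc-lab.example.test", "version": "7.6.0", "auth_method": "RADIUS"},
    {"host": "fmc-vm1.example.test", "version": "7.0.7", "auth_method": "radius"},
]


def classify(record: dict) -> str:
    """Return one of: exposed, patch-required, not-affected.

    exposed         affected version AND RADIUS authentication enabled:
                    both conditions from the advisory are met.
    patch-required  affected version but RADIUS not in use: the advisory's
                    exploit condition is not met today, but patch anyway so
                    that enabling RADIUS later does not expose the appliance
                    (this script's policy choice, not an advisory statement).
    not-affected    version not listed in the advisory.
    """
    if record["version"] not in AFFECTED_VERSIONS:
        return "not-affected"
    if record["auth_method"].strip().lower() == "radius":
        return "exposed"
    return "patch-required"


def recommend(record: dict) -> str:
    """Turn a classification into the advisory's action for that appliance."""
    state = classify(record)
    if state == "exposed":
        return ("patch now; until patched, switch authentication from RADIUS "
                "to local, LDAP or SAML SSO (no other workaround exists)")
    if state == "patch-required":
        return "patch at next window; do not enable RADIUS before patching"
    return "no action for this advisory"


def triage(inventory: list) -> dict:
    """Group hostnames by exposure state so 'exposed' can be worked first."""
    groups = {"exposed": [], "patch-required": [], "not-affected": []}
    for record in inventory:
        groups[classify(record)].append(record["host"])
    return groups


if __name__ == "__main__":
    for record in INVENTORY:
        print(f"{record['host']:24} {classify(record):15} {recommend(record)}")
```

The auth method is normalised before comparison because configuration exports and CMDB fields rarely agree on capitalisation; a case-sensitive match would silently drop `radius` hosts into the wrong bucket.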

In conclusion, Cisco Secure FMC Software versions 7.0.7 and 7.7.0 are vulnerable to remote code execution due to a flaw in the RADIUS subsystem. Users are urged to apply the provided patches and consider alternative authentication methods to mitigate risks.
